Ophcrack is a Windows password cracker based on a time-memory trade-off
using rainbow tables. This is a new variant of Hellman's original trade-off,
with better performance. It recovers 99.9% of alphanumeric passwords in
seconds. Features:
- Runs on Windows, GNU/Linux, FreeBSD, Mac OS X, etc.
- Cracks LM and NTLM hashes
- Free tables available for alphanumeric LM hashes
- Brute-force module for simple passwords
- Audit mode and CSV export
- Real-time graphs to analyze passwords (optional)
- Loads hashes from local and remote SAM
- Loads hashes from encrypted SAM recovered from a Windows partition,
Vista included
- Supports soon to be released XP flash and Vista eight XL tables
L0phtCrack 1.5 is a tool for turning Microsoft LANMAN and NT password hashes
back into the original clear text passwords. The program does this using
dictionary cracking and also brute force. L0phtCrack returns not just the
LANMAN password but the NT password up to 14 characters in length.
L0phtCrack includes the ability to dictionary attack or brute force the
network NT server challenge that is used to prevent the OWF (one-way format)
from going across the wire in its plain-text format. Sample network sniffed
challenges are in files sniff.txt and sniff2.txt. This means you can obtain
NT passwords without administrator privileges when you have network access
between the client and the server.
After examining Tripwire and deciding that it was *way* overkill for my
own purposes...
...L5 simply walks down Unix or DOS filesystems, sort of like "ls -R" or
"find" would, generating listings of anything it finds there. It tells
you everything it can about a file's status, and adds on an MD5 hash of
it. Its output is rather "numeric", but it is a very simple format and
is designed to be post-treated by scripts that call L5...
...Unlike Tripwire itself, this is NOT a complete toolkit -- one is
expected to use it as a small, reliable part of a larger system...
_H*
Andrew McNaughton <andrew@scoop.co.nz>
Lasso is a free software C library aiming to implement the Liberty Alliance
standards; it defines processes for federated identities, single sign-on and
related protocols. Lasso is built on top of libxml2, XMLSec and OpenSSL and
is licensed under the GNU General Public License (with an OpenSSL exception).
Lasso first focused on implementing the Liberty Alliance ID-FF 1.2 protocols.
It now supports a good part of ID-WSF, and SAML 2.0 support has also been
completed.
Crypt::LE provides the functionality necessary to use Let's Encrypt
API and generate free SSL certificates for your domains. It can
also be used to generate RSA keys and Certificate Signing Requests
or to revoke previously issued certificates. Crypt::LE is shipped
with a self-sufficient client for obtaining SSL certificates -
le.pl.
The client supports 'http' and 'dns' domain verification out of the box.
This is a crypto library for Ada with a nice API and is written for the
i386 and x86_64 hardware architecture.
Symmetric cryptography supported:
* Blockciphers: AES, Twofish, 3DES, Serpent
* Hash functions: SHA-1, SHA-256, SHA-384, SHA-512, Whirlpool
* MACs: RMAC, HMAC, CMAC
* Modes of operation: BPS, CFB, Ctr, OFB
* Authenticated Encryption Schemes: OCB, SIV, McOE
Assymmetric cryptography supported:
* DSA signature scheme
* OEAP-RSA
* ECDSA, ECDH
Unsigned big number library features:
* Primary cyclic group arithmetic (Z_p)
* Binary Field arithmetic support
* Elliptic Curve arithmetic
PKCS #11 module for Belgian government-issued electronic identity cards.
The Blowfish Library
Blowfish is a block cipher that operates on 64bit (8 byte) quantities.
It uses variable size key, but 128bit (16 byte) key would normally be
considered good. It can be used in all the modes that DES can be
used. This library implements the ecb, cbc, cfb64, ofb64 modes.
Blowfish is quite a bit faster that DES, and much faster than IDEA
or RC2. It is one of the faster block ciphers.
-- Jim Geovedi
jim@corebsd.or.id